summaryrefslogtreecommitdiff
path: root/security/osv-scanner
diff options
context:
space:
mode:
Diffstat (limited to 'security/osv-scanner')
-rw-r--r--security/osv-scanner/Makefile11
-rw-r--r--security/osv-scanner/distinfo10
-rw-r--r--security/osv-scanner/files/patch-internal_sourceanalysis_go.go14
3 files changed, 17 insertions, 18 deletions
diff --git a/security/osv-scanner/Makefile b/security/osv-scanner/Makefile
index 0ce2d86f5e6c..c3f0fa16bbd3 100644
--- a/security/osv-scanner/Makefile
+++ b/security/osv-scanner/Makefile
@@ -1,23 +1,22 @@
PORTNAME= osv-scanner
DISTVERSIONPREFIX= v
-DISTVERSION= 1.9.2
-PORTREVISION= 3
+DISTVERSION= 2.2.2
CATEGORIES= security
-MAINTAINER= lcook@FreeBSD.org
+MAINTAINER= dutra@FreeBSD.org
COMMENT= Vulnerability scanner written in Go which uses the OSV database
WWW= https://github.com/google/osv-scanner
LICENSE= APACHE20
LICENSE_FILE= ${WRKSRC}/LICENSE
-USES= go:1.23,modules
+USES= go:1.24,modules,run
_BUILD_VERSION= ${DISTVERSION}
-_BUILD_COMMIT= 1e295ee
+_BUILD_COMMIT= 04a8728
_BUILD_DATE= $$(date +%Y-%m-%d)
-GO_MODULE= github.com/google/${PORTNAME}
+GO_MODULE= github.com/google/${PORTNAME}/v2
GO_TARGET= ./cmd/${PORTNAME}
GO_BUILDFLAGS= -ldflags "\
-s -w \
diff --git a/security/osv-scanner/distinfo b/security/osv-scanner/distinfo
index a27f12229bee..1a2041a4e6ed 100644
--- a/security/osv-scanner/distinfo
+++ b/security/osv-scanner/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1738079186
-SHA256 (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.mod) = 705bf3761bf62eb440e7b3900383d7d3ceee6e20eb412e69831fa5cdbf74b096
-SIZE (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.mod) = 5010
-SHA256 (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.zip) = 395023fb51425d49745e49d970bd05e39d12473916018d50d4ddd2175514c8b6
-SIZE (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.zip) = 7506952
+TIMESTAMP = 1757786339
+SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = d54389929750cc4839c89a8f2083a8d735c105d2aac0a3d90cdfb9a5e8fc998f
+SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = 9801
+SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 5dbba62ae3d7fec8f1d61d3cb011b54f8b994ac6b7aa9a33a3f9bee0abf0a70a
+SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 12527375
diff --git a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go
index c1bbfd93f555..024b5e0dda44 100644
--- a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go
+++ b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go
@@ -1,11 +1,11 @@
---- internal/sourceanalysis/go.go.orig 1979-11-29 23:00:00 UTC
+--- internal/sourceanalysis/go.go.orig 2025-09-13 17:59:56 UTC
+++ internal/sourceanalysis/go.go
-@@ -18,7 +18,7 @@ func goAnalysis(r reporter.Reporter, pkgs []models.Pac
- )
+@@ -21,7 +21,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod
- func goAnalysis(r reporter.Reporter, pkgs []models.PackageVulns, source models.SourceInfo) {
-- cmd := exec.Command("go", "version")
-+ cmd := exec.Command("go%%GO_SUFFIX%%", "version")
+ func goAnalysis(pkgs []models.PackageVulns, source models.SourceInfo) {
+ // TODO: This will be moved to enrichers which does have context.
+- cmd := exec.CommandContext(context.TODO(), "go", "version")
++ cmd := exec.CommandContext(context.TODO(), "go%%GO_SUFFIX%%", "version")
_, err := cmd.Output()
if err != nil {
- r.Infof("Skipping call analysis on Go code since Go is not installed.\n")
+ cmdlogger.Infof("Skipping call analysis on Go code since Go is not installed.")